62 lines
No EOL
1.8 KiB
C#
62 lines
No EOL
1.8 KiB
C#
using System.Security.Cryptography;
|
|
using SurveyBackend.Core.Services;
|
|
|
|
namespace SurveyBackend.Services.Helpers;
|
|
|
|
public class Sha256PasswordHasher : IPasswordHasher
|
|
{
|
|
private const int RehashCount = 10000;
|
|
|
|
private const int HashSizeBytes = 16;
|
|
|
|
private const int SaltSizeBytes = 16;
|
|
|
|
public string HashPassword(string password)
|
|
{
|
|
var saltBytes = RandomNumberGenerator.GetBytes(SaltSizeBytes);
|
|
|
|
using var deriveBytes = GetDeriveBytes(password, saltBytes);
|
|
|
|
var hashBytes = deriveBytes.GetBytes(HashSizeBytes);
|
|
|
|
var fullHashBytes = new byte[SaltSizeBytes + HashSizeBytes];
|
|
|
|
Array.Copy(saltBytes, 0, fullHashBytes, 0, SaltSizeBytes);
|
|
Array.Copy(hashBytes, 0, fullHashBytes, SaltSizeBytes, HashSizeBytes);
|
|
|
|
var hashedPassword = Convert.ToBase64String(fullHashBytes);
|
|
|
|
return hashedPassword;
|
|
}
|
|
|
|
public bool Verify(string password, string hashedPassword)
|
|
{
|
|
var fullHashBytes = Convert.FromBase64String(hashedPassword);
|
|
|
|
var saltBytes = new byte[SaltSizeBytes];
|
|
|
|
Array.Copy(fullHashBytes, 0, saltBytes, 0, SaltSizeBytes);
|
|
|
|
using var deriveBytes = GetDeriveBytes(password, saltBytes);
|
|
|
|
var hashBytes = deriveBytes.GetBytes(HashSizeBytes);
|
|
|
|
var isMatch = CompareHashes(hashBytes, fullHashBytes);
|
|
|
|
return isMatch;
|
|
}
|
|
|
|
private static bool CompareHashes(byte[] hashBytes, byte[] fullHashBytes)
|
|
{
|
|
for (var i = 0; i < HashSizeBytes; i++)
|
|
if (hashBytes[i] != fullHashBytes[i + SaltSizeBytes])
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
private static Rfc2898DeriveBytes GetDeriveBytes(string password, byte[] saltBytes)
|
|
{
|
|
return new Rfc2898DeriveBytes(password, saltBytes, RehashCount, HashAlgorithmName.SHA256);
|
|
}
|
|
} |